If your cybersecurity strategy isn’t up to snuff, you could be exposing your business to financial ruin. Telecoms giant TalkTalk is a testament to this. The British firm is experiencing huge fallout after confirming last week in an official statement that it had been the latest victim of a major cybersecurity hack.

The embattled telecoms giant now faces an uncertain future with a multimillion-dollar legal payout in compensation looking likely. To make matters worse, the company will be subjected to an enquiry by the Information Commissioner’s Office into whether it breached the Data Protection Act -- an offense which carries a $750,000 fine. Combined with a mass exodus of customers, cybersecurity experts estimate the breach could cost the organization up to $115 million in lost revenue and other costs.

So if all this destruction was caused by hackers, why would you ever consider hiring one to actively attack your online network? Well, here are three things to consider.

1. Everyone’s under cyber-attack.

Cybercrime is a growth industry. In 2014, the financial losses to the global economy could be as much as $575 billion, according to a report from McAfee. And it’s not just big businesses like TalkTalk that are the focus of these devastating cyber-attacks. Microsoft’s Digital Crimes Unit reports that one in five small and medium businesses have been targeted in the U.S.

Having a hacker on your side could be the difference between fending of a malicious attack and falling victim to a data breach that could bankrupt your organization. But it’s not just any old hacker you need -- you need an ethical hacker.

2. What is an ethical hacker?

In the world of hacking, there are two sides. On one side sits black hat hackers. These are the cybercriminals of the digital underworld who exploit individuals and attack company networks for nefarious purposes. On the other side sits the ethical hackers, the good guys actively working to protect businesses and governments from these malicious attacks.

These ethical hackers are computer and networking experts who work to identify security vulnerabilities in their company’s computer systems and networks. Using the same tools and penetration techniques as their less-principled counterparts, an ethical hacker will test their organizations systems to uncover weaknesses that malicious hackers could exploit. They then document and provide actionable advice on how to fix these vulnerabilities to improve the overall security of their organization, protecting them from the crippling consequences of a data breach.

3. Where can I find an ethical hacker?

If you’re looking need an ethical hacker, you can typically hire in or train an existing staff member.

Training an existing member of the IT department to develop ethical hacking skills is often the preferred and less-costly option. EC-Council’s Certified Ethical Hacker course (CEH) is an ideal option. It was specially designed to develop the required skills. Attendees master a range of hacking skills, getting hands-on with the very latest tools and techniques. They beat a hacker by learning to think like one. CEH courses typically cost anywhere between $1,500 and $3,500, depending on the method of training.

Hiring a seasoned ethical hacker is the second and more costly option. According to Payscale, the average salary for a security professional in the U.S. with a CEH certification is $72,499 per year. Still, if you consider that the average cost a single data breach to be $6.5 million, the investment pales in comparison.